krb5.git
28 years agoadd sam encoders, decoders, including "optional string" macros
Mark Eichin [Tue, 9 Apr 1996 22:51:38 +0000 (22:51 +0000)]
add sam encoders, decoders, including "optional string" macros

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7771 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoadd afs3 salt support
Mark Eichin [Tue, 9 Apr 1996 22:50:28 +0000 (22:50 +0000)]
add afs3 salt support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7770 dc483132-0cff-0310-8789-dd5450dbe970

28 years agodocument the afs3 salt tag
Mark Eichin [Tue, 9 Apr 1996 22:48:59 +0000 (22:48 +0000)]
document the afs3 salt tag

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7769 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoadd afsstring2key
Mark Eichin [Tue, 9 Apr 1996 22:47:25 +0000 (22:47 +0000)]
add afsstring2key
hack des string2key to call it if salt.length is -1
initialize context in testsuite

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7768 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoadd transarc-afs cmu-style long-lived ticket timestamp support
Mark Eichin [Tue, 9 Apr 1996 22:46:22 +0000 (22:46 +0000)]
add transarc-afs cmu-style long-lived ticket timestamp support
handle clockskew properly

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7767 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoadd SAM preauth extensible snk4 support
Mark Eichin [Tue, 9 Apr 1996 22:45:03 +0000 (22:45 +0000)]
add SAM preauth extensible snk4 support
add AFS3 preauth response and salt hooks

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7766 dc483132-0cff-0310-8789-dd5450dbe970

28 years agounused, but afs3 hook added for completeness
Mark Eichin [Tue, 9 Apr 1996 22:44:01 +0000 (22:44 +0000)]
unused, but afs3 hook added for completeness

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7765 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoKen's acl and hangup fixes
Mark Eichin [Tue, 9 Apr 1996 22:43:21 +0000 (22:43 +0000)]
Ken's acl and hangup fixes
AFS3 salt support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7764 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoadd "extract snk4 key" function to get device keys out of the database
Mark Eichin [Tue, 9 Apr 1996 22:42:11 +0000 (22:42 +0000)]
add "extract snk4 key" function to get device keys out of the database
(easier than putting them in...)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7763 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoadd afs3 salttype value
Mark Eichin [Tue, 9 Apr 1996 22:41:13 +0000 (22:41 +0000)]
add afs3 salttype value

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7762 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoadd SAM preauth values and prototypes
Mark Eichin [Tue, 9 Apr 1996 22:40:49 +0000 (22:40 +0000)]
add SAM preauth values and prototypes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7761 dc483132-0cff-0310-8789-dd5450dbe970

28 years agosome fixes changes from marc. changelogs will be merged later
Mark Eichin [Tue, 9 Apr 1996 22:40:18 +0000 (22:40 +0000)]
some fixes changes from marc. changelogs will be merged later

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7760 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * rcp.exp: Invoke kshd with -L for every environment variable we
Ezra Peisach [Mon, 8 Apr 1996 19:34:12 +0000 (19:34 +0000)]
    * rcp.exp: Invoke kshd with -L for every environment variable we
                want passed to invoke rcp with...

We also tell kshd to pass on ENV_SET because at MIT,
csh -c rcp.... will source the users .cshrc - which at MIT sets
LD_LIBRARY_PATH on the SUNS... We cannot use other options like
-f as the user may have sh as their shell. Probably kshd should recognize
rcp and invoke rcp without the shell invocation....

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7759 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoCheck in comments from previous checkin
Ezra Peisach [Mon, 8 Apr 1996 18:11:11 +0000 (18:11 +0000)]
Check in comments from previous checkin

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7758 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMajor chanes to use the list of runtime environment variables as
Ezra Peisach [Mon, 8 Apr 1996 03:07:31 +0000 (03:07 +0000)]
Major chanes to use the list of runtime environment variables as
indicated by configure. (i.e. do not assume that LD_LIBRARY_PATH is all
you need)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7754 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * configure.in: Add KRB5_RUN_FLAGS
Ezra Peisach [Mon, 8 Apr 1996 03:04:26 +0000 (03:04 +0000)]
* configure.in: Add KRB5_RUN_FLAGS

* Makefile.in (site.exp): Create site.exp with runtime environment
line from configure.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7753 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd an option -L to pass an environment variable to a client.
Ezra Peisach [Mon, 8 Apr 1996 02:47:37 +0000 (02:47 +0000)]
Add an option -L to pass an environment variable to a client.
This is used by the DejaGnu test suite to pass the shared library
paths to start up rcp properly.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7752 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoRemoved a bogus dependency (if you try make depend)
Richard Basch [Wed, 3 Apr 1996 22:31:15 +0000 (22:31 +0000)]
Removed a bogus dependency (if you try make depend)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7750 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * krlogind.c: Under Solaris, when the connection pipe goes away,
Richard Basch [Wed, 3 Apr 1996 22:24:03 +0000 (22:24 +0000)]
* krlogind.c: Under Solaris, when the connection pipe goes away,
zero bytes are returned.  Since we are using blocking
read calls, and the net_read function deals with
interrupted/resumed reads, consider zero bytes to be
be a terminated connection, so as not to spin.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7749 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoInlined list of source files for SRCS and OBJS (for Macintosh build)
Theodore Tso [Tue, 2 Apr 1996 20:32:13 +0000 (20:32 +0000)]
Inlined list of source files for SRCS and OBJS (for Macintosh build)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7748 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMakefile.in (SRCS): Inlined list of source files for SRCS and OBJS
Theodore Tso [Tue, 2 Apr 1996 20:21:30 +0000 (20:21 +0000)]
Makefile.in (SRCS): Inlined list of source files for SRCS and OBJS
(for Macintosh build).

k5mech.c: Added Macintosh #ifdef so that the #include path is right
for the Macintosh.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7747 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoLeading/trailing colons should not be there based on the variable usage.
Richard Basch [Mon, 1 Apr 1996 15:15:28 +0000 (15:15 +0000)]
Leading/trailing colons should not be there based on the variable usage.
Solaris test was incorrect.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7746 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoWhitespace cleanup for readability
Richard Basch [Mon, 1 Apr 1996 15:11:43 +0000 (15:11 +0000)]
Whitespace cleanup for readability

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7745 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoTook the list of sources and object files in FSRCS, FOBJS, D3OBJS, and
Theodore Tso [Sun, 31 Mar 1996 03:57:48 +0000 (03:57 +0000)]
Took the list of sources and object files in FSRCS, FOBJS, D3OBJS, and
D3SRCS, and inlined them into the OBJS and SRCS list.  This is
necessary so that the files are correctly picked up for the Macintosh
build.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7744 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoInlined the list of et-build source files in SRCS, so that they are
Theodore Tso [Sun, 31 Mar 1996 03:56:14 +0000 (03:56 +0000)]
Inlined the list of et-build source files in SRCS, so that they are
correctly included in the Mac build.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7743 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoRemoved crctest.c from the SRCS list, since it's only a test program
Theodore Tso [Sun, 31 Mar 1996 03:54:57 +0000 (03:54 +0000)]
Removed crctest.c from the SRCS list, since it's only a test program
and it confuses the Macintosh build.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7742 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFixed comments describing the various checksum types. (Added numbers,
Theodore Tso [Sun, 31 Mar 1996 03:53:46 +0000 (03:53 +0000)]
Fixed comments describing the various checksum types.  (Added numbers,
and fixed a mistake in a description of an undefined checksum type.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7741 dc483132-0cff-0310-8789-dd5450dbe970

28 years agomacfiles.sh: Add the C files which were used in the MACSRCS
Theodore Tso [Sun, 31 Mar 1996 03:47:07 +0000 (03:47 +0000)]
macfiles.sh: Add the C files which were used in the MACSRCS
definition, as well as the SRCS definition.

Makefile.tmpl (KH): Add KerberosHeaders.h to the dependencies for the
precompiled header.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7740 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded SunOS shared library support
Richard Basch [Sat, 30 Mar 1996 00:18:40 +0000 (00:18 +0000)]
Added SunOS shared library support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7739 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded basic SunOS shared library support
Richard Basch [Sat, 30 Mar 1996 00:18:05 +0000 (00:18 +0000)]
Added basic SunOS shared library support

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7738 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMakefile.in: support des3-cbc-raw
Richard Basch [Fri, 29 Mar 1996 01:38:42 +0000 (01:38 +0000)]
Makefile.in: support des3-cbc-raw
des3_md5.c: correct an abstraction violation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7737 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded support for des3-cbc-raw (gssapi) and rsa-md5-des3
Richard Basch [Fri, 29 Mar 1996 01:33:59 +0000 (01:33 +0000)]
Added support for des3-cbc-raw (gssapi) and rsa-md5-des3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7736 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded support for ENCTYPE_DES3_CBC_RAW (gssapi)
Richard Basch [Fri, 29 Mar 1996 01:30:21 +0000 (01:30 +0000)]
Added support for ENCTYPE_DES3_CBC_RAW (gssapi)
des_int.h: added support for CKSUMTYPE_RSA_MD5_DES3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7735 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded support for CKSUMTYPE_RSA_MD5_DES3
Richard Basch [Fri, 29 Mar 1996 01:28:53 +0000 (01:28 +0000)]
Added support for CKSUMTYPE_RSA_MD5_DES3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7734 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded ENCTYPE_DES3_CBC_RAW (for gssapi)
Richard Basch [Fri, 29 Mar 1996 01:26:56 +0000 (01:26 +0000)]
Added ENCTYPE_DES3_CBC_RAW (for gssapi)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7733 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded support for ENCTYPE_DES3_CBC_RAW (gssapi)
Richard Basch [Fri, 29 Mar 1996 01:21:10 +0000 (01:21 +0000)]
Added support for ENCTYPE_DES3_CBC_RAW (gssapi)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7732 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoUse new MacTCP Header files
Theodore Tso [Thu, 28 Mar 1996 23:00:08 +0000 (23:00 +0000)]
Use new MacTCP Header files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7731 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAddressXlation.h: Updated to use latest versions from the Apple's
Theodore Tso [Thu, 28 Mar 1996 22:59:21 +0000 (22:59 +0000)]
AddressXlation.h: Updated to use latest versions from the Apple's
MacTCP Universal Interface.  (For PowerPC port).

MacTCP.h: New header file from Apple's Universal Interface

GetMyIPAddr.h, MacTCPCommonTypes.h, TCPPB.h, UDPPB.h: Removed old
MacTCP header files.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7730 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDNR.c: Replace eight-year-old version of this file with the latest
Theodore Tso [Thu, 28 Mar 1996 22:56:46 +0000 (22:56 +0000)]
DNR.c: Replace eight-year-old version of this file with the latest
version from the Code Warrior MacTCP files.

macsock.c: Use new MacTCP header files.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7729 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDon't use "-model far" when linking on the Power PC. It has no
Theodore Tso [Wed, 27 Mar 1996 23:53:40 +0000 (23:53 +0000)]
Don't use "-model far" when linking on the Power PC.  It has no
meaning.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7724 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoUse universal procedure pointers (UPP) which are necessary for the Mac
Theodore Tso [Wed, 27 Mar 1996 23:52:26 +0000 (23:52 +0000)]
Use universal procedure pointers (UPP) which are necessary for the Mac
Power PC.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7723 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoUse universal procedure pointers (UPP), which are required on the Mac
Theodore Tso [Wed, 27 Mar 1996 23:48:41 +0000 (23:48 +0000)]
Use universal procedure pointers (UPP), which are required on the Mac
Power PC.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7722 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDES modes are now interoperable
Richard Basch [Wed, 27 Mar 1996 22:56:38 +0000 (22:56 +0000)]
DES modes are now interoperable

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7721 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* in_tkt_ktb.c (keytab_keyproc): Do not check to see that the
Richard Basch [Wed, 27 Mar 1996 22:55:17 +0000 (22:55 +0000)]
* in_tkt_ktb.c (keytab_keyproc): Do not check to see that the
enctype of the key is identical; there are several equivalent
DES enctypes.

* in_tkt_ktb.c (krb5_get_in_tkt_with_keytab): Removed the fancy
logic to only request the keytypes that correspond to those in
the keytab.  There were too many fencepost conditions that could
get you into trouble.  Either it should be there and *fully*
functional, or not in there at all.  Besides, there are too many
other components in Kerberos that expect the end-service to know
all its keys that this sanity check is overkill.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7720 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFixed an incorrect entry
Richard Basch [Wed, 27 Mar 1996 22:54:07 +0000 (22:54 +0000)]
Fixed an incorrect entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7719 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * telnetd.c: remove inclusion of netdb.h; it's already in defs.h,
Tom Yu [Wed, 27 Mar 1996 05:30:29 +0000 (05:30 +0000)]
* telnetd.c: remove inclusion of netdb.h; it's already in defs.h,
and #$%&* ultrix doesn't protect it from multiple
inclusions.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7718 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDon't include <sys/types.h> mechglue.h will take care of this by
Theodore Tso [Wed, 27 Mar 1996 05:08:52 +0000 (05:08 +0000)]
Don't include <sys/types.h> mechglue.h will take care of this by
including gssapi.h, which will include sys/types.h if necessary.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7717 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd #define of HAVE_STDLIB_H, since Macintoshes have it!
Theodore Tso [Wed, 27 Mar 1996 05:08:22 +0000 (05:08 +0000)]
Add #define of HAVE_STDLIB_H, since Macintoshes have it!

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7716 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded imap service to the conversion list (it is used by some off-the-shelf
Richard Basch [Tue, 26 Mar 1996 19:49:46 +0000 (19:49 +0000)]
Added imap service to the conversion list (it is used by some off-the-shelf
imap mail packages).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7715 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * default.exp (start_kerberos_daemons): New methodology for
Ezra Peisach [Tue, 26 Mar 1996 05:43:20 +0000 (05:43 +0000)]
* default.exp (start_kerberos_daemons): New methodology for
starting KDC so that the KDC will not hang on a full
output buffer which is being ignored.
(setup_kerberos_files): Enable des3 encryption types.

The first problem was seen on Suns where I previously set the logging
for the kdc to stderr, and then ignored the output after the server was
running.

The second exercised the bug that sam just fixed in mixing in the des3
encryption types.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7712 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd a couple missing log entries for stuff Mark checked in
Ken Raeburn [Mon, 25 Mar 1996 21:44:07 +0000 (21:44 +0000)]
Add a couple missing log entries for stuff Mark checked in

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7711 dc483132-0cff-0310-8789-dd5450dbe970

28 years agokrshd.c: use the library routines to do v4 to v5 principal translation
Richard Basch [Mon, 25 Mar 1996 16:19:38 +0000 (16:19 +0000)]
krshd.c: use the library routines to do v4 to v5 principal translation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7710 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoBacked out the patch for const pointer reassignments; it was legal ANSI
Richard Basch [Mon, 25 Mar 1996 15:24:01 +0000 (15:24 +0000)]
Backed out the patch for const pointer reassignments; it was legal ANSI

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7709 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoChanges to help streams work correctly on AIX 4.1.4 and HPUX 9.
Sam Hartman [Mon, 25 Mar 1996 03:01:48 +0000 (03:01 +0000)]
Changes to help streams work correctly on AIX 4.1.4 and HPUX 9.
Adapted loosly from 1837 in krb5-bugs, although I ended up not using
any of Doug's code.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7708 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoImplement _getpty handling for the SGI
Sam Hartman [Sun, 24 Mar 1996 20:31:55 +0000 (20:31 +0000)]
Implement _getpty handling for the SGI

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7707 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* krshd no longer does non-blocking IO. It never really needed it
Sam Hartman [Sun, 24 Mar 1996 20:28:37 +0000 (20:28 +0000)]
* krshd no longer does non-blocking IO.  It never really needed it

* krcp works correctly even if not all data is written in a single
request.

* Implement temporary patch to make sure des_outbuf is big enough.
Proven should be sending the Cygnus patch once he decides how to
handle this permanently.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7706 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* Apply patch from Ken Raeburn to get telnetd compiling on the SGI
Sam Hartman [Sun, 24 Mar 1996 20:23:45 +0000 (20:23 +0000)]
* Apply patch from Ken Raeburn to get telnetd compiling on the SGI

* Force telnetd not to use streams on the SGI; it doesn't support
pushing modules onto a pty.

* Remove old utmpx crud from sys_term.c because it was getting called
inadvertently, didn't compile on the SGI, and libpty already does
something reasonable with utmpx.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7705 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFix multiple enctype bug: the enctype for the eblock used to encrypt
Sam Hartman [Sun, 24 Mar 1996 20:19:29 +0000 (20:19 +0000)]
Fix multiple enctype bug: the enctype for the eblock used to encrypt
the kdc request used the enctype of the tgt, not of the session key.
Considering that the request is encrypted in the session key of the
tgt, this is incorrect.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7704 dc483132-0cff-0310-8789-dd5450dbe970

28 years agodo not bother building the old kadmin server (kadmin.old)
Richard Basch [Fri, 22 Mar 1996 04:56:45 +0000 (04:56 +0000)]
do not bother building the old kadmin server (kadmin.old)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7703 dc483132-0cff-0310-8789-dd5450dbe970

28 years agokrb5_get_in_tkt_with_keytab(): only request keytypes that have corresponding
Richard Basch [Fri, 22 Mar 1996 04:55:58 +0000 (04:55 +0000)]
krb5_get_in_tkt_with_keytab(): only request keytypes that have corresponding
entries in the keytab.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7702 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoall des enctypes are equivalent (interim checkin until I create a function
Richard Basch [Fri, 22 Mar 1996 04:53:25 +0000 (04:53 +0000)]
all des enctypes are equivalent (interim checkin until I create a function
to check the key equivalency of two enctypes).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7701 dc483132-0cff-0310-8789-dd5450dbe970

28 years agobullet-proofing the code -- if the data contents are NULL, it would coredump
Richard Basch [Fri, 22 Mar 1996 04:52:13 +0000 (04:52 +0000)]
bullet-proofing the code -- if the data contents are NULL, it would coredump
(I discovered this one because of another bug)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7700 dc483132-0cff-0310-8789-dd5450dbe970

28 years agonew principals were being created with two keys, one of which the
Richard Basch [Fri, 22 Mar 1996 04:50:48 +0000 (04:50 +0000)]
new principals were being created with two keys, one of which the
key_data_ver=0 and had no valid data

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7699 dc483132-0cff-0310-8789-dd5450dbe970

28 years agouse the library routines to do the v4 to v5 principal translation
Richard Basch [Fri, 22 Mar 1996 04:49:59 +0000 (04:49 +0000)]
use the library routines to do the v4 to v5 principal translation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7698 dc483132-0cff-0310-8789-dd5450dbe970

28 years agog_imp_sec_context.c (gss_import_sec_context):
Theodore Tso [Thu, 21 Mar 1996 05:18:00 +0000 (05:18 +0000)]
g_imp_sec_context.c (gss_import_sec_context):
g_exp_sec_context.c (gss_export_sec_context): Fix 16bit vs 32bit lint flame.

g_glue.c, g_initialize.c: Add include of string.h, as it is needed.

g_acquire_cred.c, g_inq_cred.c: Add include of time.h

g_rel_oid_set.c (gss_release_oid_set): Removed unused variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7695 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDon't compile this procedure, since it's not used. The mechanism glue
Theodore Tso [Thu, 21 Mar 1996 04:39:12 +0000 (04:39 +0000)]
Don't compile this procedure, since it's not used.  The mechanism glue
layer uses the krb5_gss_internal_relase_oid() function.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7694 dc483132-0cff-0310-8789-dd5450dbe970

28 years agowalk_rtree.c (krb5_walk_realm_tree): Fix 16bit vs. 32bit error.
Theodore Tso [Thu, 21 Mar 1996 04:20:14 +0000 (04:20 +0000)]
walk_rtree.c (krb5_walk_realm_tree): Fix 16bit vs. 32bit error.
(cap_code should been a krb5_error_code, not an int!)

mk_cred.c (krb5_mk_ncred_basic): Fix windows lint flame.

get_in_tkt.c (krb5_get_in_tkt): Fix 16bit vs. 32bit error.  (do_more
should not have been an int!)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7693 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoChange type of pa_type field in krb5_pa_data to be krb5_preauthtype,
Theodore Tso [Thu, 21 Mar 1996 04:19:30 +0000 (04:19 +0000)]
Change type of pa_type field in krb5_pa_data to be krb5_preauthtype,
for consistency's sake.

Added prototype for krb5_copy_addr().

Change type of etype in krb5_etype_info_entry to be krb5_enctype, for
consistency's sake.

(More cleanup of windows 16bit vs. 32bit)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7692 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoDecode pa_type in the krb5_pa_data structure as a krb5_int32, since it
Theodore Tso [Thu, 21 Mar 1996 04:17:29 +0000 (04:17 +0000)]
Decode pa_type in the krb5_pa_data structure as a krb5_int32, since it
is now type krb5_preauthtype.

Decode etype in the krb5_etype_info_entry as krb5_enctype.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7691 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded prototype of krb5_scc_skip_header to fix Windows lint flames
Theodore Tso [Thu, 21 Mar 1996 03:51:25 +0000 (03:51 +0000)]
Added prototype of krb5_scc_skip_header to fix Windows lint flames

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7690 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdded prototype of krb5_fcc_skip_header to fix Windows lint flames
Theodore Tso [Thu, 21 Mar 1996 03:50:58 +0000 (03:50 +0000)]
Added prototype of krb5_fcc_skip_header to fix Windows lint flames

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7689 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFix 16 bit vs. 32bit error in the encoded timestamp structure
Theodore Tso [Thu, 21 Mar 1996 03:44:10 +0000 (03:44 +0000)]
Fix 16 bit vs. 32bit error in the encoded timestamp structure

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7688 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFix Windows lint flames. (16bit vs. 32bit issues)
Theodore Tso [Thu, 21 Mar 1996 03:40:28 +0000 (03:40 +0000)]
Fix Windows lint flames.  (16bit vs. 32bit issues)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7687 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoComment out #ident line. This causes the Macintosh C compiler
Theodore Tso [Thu, 21 Mar 1996 01:36:03 +0000 (01:36 +0000)]
Comment out #ident line.  This causes the Macintosh C compiler
indigestion.  Remove #include of gssapi/gssapi.h, since that gets
included by gssapiP_generic.h.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7686 dc483132-0cff-0310-8789-dd5450dbe970

28 years agomechglue.h: Don't include <sys/types.h>; it's included if necessary in
Theodore Tso [Thu, 21 Mar 1996 01:35:02 +0000 (01:35 +0000)]
mechglue.h: Don't include <sys/types.h>; it's included if necessary in
gssapi/gssapi.h.  On a Macintosh, #include gssapi.h instead of
gssapi/gssapi.h.

g_accept_sec_context.c, g_acquire_cred.c, g_compare_name.c,
g_context_time.c, g_delete_sec_context.c, g_dsp_name.c,
g_dsp_status.c, g_exp_sec_context.c, g_glue.c, g_imp_name.c,
g_imp_sec_context.c, g_indicate_mechs.c, g_init_sec_context.c,
g_initialize.c, g_inq_context.c, g_inq_cred.c, g_inq_names.c,
g_process_context.c, g_rel_buffer.c, g_rel_cred.c, g_rel_name.c,
g_rel_oid_set.c, g_seal.c, g_sign.c, g_unseal.c, g_verify.c,
gssd_pname_to_uid.c, mechglue.h, mglueP.h: Comment out #ident line.
This causes the Macintosh C compiler indigestion.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7685 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * Makefile (clean): Remove *.info-? now
Ezra Peisach [Wed, 20 Mar 1996 20:16:26 +0000 (20:16 +0000)]
    * Makefile (clean): Remove *.info-? now

        * install.texi: Changes to allow emacs M-X texinfo-format-buffer
                to work. (The problem was @item used within @enumerate).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7684 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoFix SRCS definition so that it doesn't fool the Macintosh macfiles.sh
Theodore Tso [Wed, 20 Mar 1996 05:19:49 +0000 (05:19 +0000)]
Fix SRCS definition so that it doesn't fool the Macintosh macfiles.sh
Makefile generation script.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7682 dc483132-0cff-0310-8789-dd5450dbe970

28 years agomacfiles.sh: Improved matching of the SRCS declaration. It must not
Theodore Tso [Wed, 20 Mar 1996 05:18:11 +0000 (05:18 +0000)]
macfiles.sh: Improved matching of the SRCS declaration.  It must not
be commented out; it must start on the first column of the line.

Makefile.tmpl (KH): Fix typos in Dan's original template.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7681 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd kdc_preauth.c
Ezra Peisach [Wed, 20 Mar 1996 04:11:57 +0000 (04:11 +0000)]
Add kdc_preauth.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7680 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoRemove no longer relevant ksu.1
Ezra Peisach [Wed, 20 Mar 1996 04:08:46 +0000 (04:08 +0000)]
Remove no longer relevant ksu.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7679 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * des_crc.c (mit_des_crc_decrypt_func): Add const to pointer
Ezra Peisach [Wed, 20 Mar 1996 02:24:01 +0000 (02:24 +0000)]
* des_crc.c (mit_des_crc_decrypt_func): Add const to pointer
cast for suncc warning.

Update .Saintize as well to reflect reality

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7678 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * new_rn_key.c (mit_des_generate_random_block): Add const keywrod
Ezra Peisach [Wed, 20 Mar 1996 02:22:22 +0000 (02:22 +0000)]
* new_rn_key.c (mit_des_generate_random_block): Add const keywrod
to cast for suncc warning.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7677 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoustime.c was renamed to c_ustime.c
Ezra Peisach [Wed, 20 Mar 1996 02:17:26 +0000 (02:17 +0000)]
ustime.c was renamed to c_ustime.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7676 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd keytab.c
Ezra Peisach [Wed, 20 Mar 1996 02:15:05 +0000 (02:15 +0000)]
Add keytab.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7675 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoAdd new .Sanitize file
Ezra Peisach [Wed, 20 Mar 1996 02:13:09 +0000 (02:13 +0000)]
Add new .Sanitize file

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7674 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoSynchronize .Sanitize with current reality
Ezra Peisach [Wed, 20 Mar 1996 02:12:55 +0000 (02:12 +0000)]
Synchronize .Sanitize with current reality

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7673 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* kcmd.c (ruserok): declare the function as taking const char *
Richard Basch [Wed, 20 Mar 1996 01:14:10 +0000 (01:14 +0000)]
* kcmd.c (ruserok): declare the function as taking const char *
instead of char * (Solaris 2.5 refuses to compile it, otherwise).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7672 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* conv_creds.c (krb524_convert_creds_plain):
Richard Basch [Wed, 20 Mar 1996 01:02:57 +0000 (01:02 +0000)]
* conv_creds.c (krb524_convert_creds_plain):
if the v5 lifetime is greater than the max v4 lifetime, use the max
v4 lifetime (0xff), rather than masking it with 0xff.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7671 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* kadm_funcs.c: changed all references of des-cbc-md5 to des-cbc-crc
Richard Basch [Wed, 20 Mar 1996 01:02:32 +0000 (01:02 +0000)]
* kadm_funcs.c: changed all references of des-cbc-md5 to des-cbc-crc
(which is what v4 really uses); also, fixed uninitialized variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7670 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* ktutil_funcs.c (ktutil_write_srvtab): use any type of des key
Richard Basch [Wed, 20 Mar 1996 01:02:02 +0000 (01:02 +0000)]
* ktutil_funcs.c (ktutil_write_srvtab): use any type of des key
in the keytab to create a v4 srvtab

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7669 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago* kdb5_edit.c (extract_v4_srvtab): do not test to make sure we
Richard Basch [Wed, 20 Mar 1996 01:01:24 +0000 (01:01 +0000)]
* kdb5_edit.c (extract_v4_srvtab): do not test to make sure we
fetched a key of enctype 1 (des-cbc-crc), since we may have gotten
another des key from the database, which is just as useful in a
v4 srvtab

* dumpv4.c (dump_v4_iterator): use krb5_524_conv_principal to do the
v5 to v4 principal translation, instead of having yet another
hard-coded table.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7668 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * tf_util.c (tf_get_cred): Issue date is written out as a long,
Ezra Peisach [Tue, 19 Mar 1996 16:27:56 +0000 (16:27 +0000)]
* tf_util.c (tf_get_cred): Issue date is written out as a long,
read back in as same.

I have kept the size as a long to be compatible with the Cygnus V4
distribution. The problem was introduced when we changed the include/kerberosIV
structures to use 32 bit ints for timestamps. So, under OSF/1, tf_util would
write out a 64 bit issue date, and then try reading back in a 32 bit one. Since
Cygnus uses sizeof(long) we will too.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7667 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoPut back in the encrypted telnet tests
Ezra Peisach [Tue, 19 Mar 1996 15:06:08 +0000 (15:06 +0000)]
Put back in the encrypted telnet tests

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7666 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * configure.in: Add KRB5_RUN_FLAGS
Ezra Peisach [Tue, 19 Mar 1996 03:03:57 +0000 (03:03 +0000)]
* configure.in: Add KRB5_RUN_FLAGS

* Makefile.in: Use the run flags.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7665 dc483132-0cff-0310-8789-dd5450dbe970

28 years ago * aclocal.m4 (KRB5_RUN_FLAGS): Allows for setting of proper paths
Ezra Peisach [Tue, 19 Mar 1996 02:58:27 +0000 (02:58 +0000)]
* aclocal.m4 (KRB5_RUN_FLAGS): Allows for setting of proper paths
for executing programs in the build tree with proper
overriding of potentially installed libraries.

* configure.in: Setup for KRB5_RUN_FLAGS

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7664 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMakefile.in: Added flags which turn on the encryption option
Theodore Tso [Tue, 19 Mar 1996 02:39:45 +0000 (02:39 +0000)]
Makefile.in: Added flags which turn on the encryption option

telnetd.c (getterminaltype): If the authentication option which was
negotiated requires that encryption be turned on, then enforce this
here.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7663 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMakefile.in: Added flags to turn on the encryption option
Theodore Tso [Tue, 19 Mar 1996 02:38:56 +0000 (02:38 +0000)]
Makefile.in: Added flags to turn on the encryption option

authenc.c (telnet_spin): Implemented the telnet spin function, which
works by calling the Scheduler with the tty_lockout flag set.

main.c (main): If the -x option is given, set the autologin,
wantencryption, and auth_enable_encrypt flag.  They enable
authentication, enforcement of the encryption option, and a flag to
the auth layer to negotiate authentication with mandatory encryption
option.

telnet.c (telnet): If the wantencryption flag is set (because the user
has given the -x option, then we enforce that encryption must be
turned on.  The user will not be able to type to the network stream
until encryption is enabled, and if encryption is refused, the client
will print an error message.
(Scheduler): If the tty_lockout flag is set, then don't process
keyboard read events.  This prevents the user from typing over the
network until encryption is enabled.

utilities.c (printsub): Added print support for the authentication
must-encrypt option.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7662 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoMon Mar 18 20:56:37 1996 Theodore Y. Ts'o <tytso@dcl>
Theodore Tso [Tue, 19 Mar 1996 02:33:21 +0000 (02:33 +0000)]
Mon Mar 18 20:56:37 1996  Theodore Y. Ts'o  <tytso@dcl>

      * kerberos5.c (kerberos5_send): Send in as input the
              authentication type pair (ap->type, ap->way) to be
              checksumed in the authenticator.
              (kerberos5_is): If the checksum is present in the
              authenticator, then validate the authentication type pair
              against the checksum.
              (kerberos5_reply): If we didn't do mutual authentication,
              and we receive a KRB_ACCEPT, then stash away the session
              key anyway.  This way we have a chance of doing encryption
              even if mutual authentication wasn't done.

      * encrypt.c (EncryptStartInput, EncryptStartOutput): Added
              conditional around printf so that these two functions can
              be called by the server.
              (encrypt_is_encrypting): New function which returns true
              only if both sides of the telnet stream is encrypted.

Fri Mar 15 18:19:44 1996  Theodore Y. Ts'o  <tytso@dcl>

      * auth.c: Added new authentication scheme for Krb5 mutual
              authentication with mandatory encryption.
              (auth_send, auth_send_retry): Split auth_send() so that
              the functionality done by auth_send_retry() is separate.
              This avoids a really dodgy pointer comparison which was
              caused by auth_send() being used for two purposes.
              If the client has not requested encryption, then don't
              use the authentication systems which require encryption.
              (auth_must_encrypt):  New function which returns whether
              or not encryption must be negotiated.

      * auth-proto.h: Added prototype for new option
              auth_must_encrypt().

      * Makefile.in (ENCRYPTION, DES_ENCRYPTION): Added defines to turn
              on encryption and des encryption.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7661 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoUse AC_HEADER_STDARG and use that test to set STDARG.
Ezra Peisach [Tue, 19 Mar 1996 02:10:12 +0000 (02:10 +0000)]
Use AC_HEADER_STDARG and use that test to set STDARG.
The old test assumed that either STDARG was defined or __STDC__ - which
is not sufficient.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7660 dc483132-0cff-0310-8789-dd5450dbe970

28 years agoBack out last change and use a cast to avoid warnings.
Ezra Peisach [Tue, 19 Mar 1996 02:08:17 +0000 (02:08 +0000)]
Back out last change and use a cast to avoid warnings.
Richard has indicated that come compilers get upset if you try to
reassign a const char *.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7659 dc483132-0cff-0310-8789-dd5450dbe970